Btpanel

**Name of the Vulnerable Software and Affected Versions** aaPanel BaoTa versions prior to 11.1.1 **Description** A SQL injection issue exists in aaPanel BaoTa. The issue is located in the Backend component, specifically within the `/database?action=GetDatabaseAccess` endpoint. Manipulation of the `Name` parameter can lead to SQL injection. The exploit has been publicly disclosed. The vendor was notified but did not respond. **Recommendations** Update aaPanel BaoTa to version 11.1.1 or later.